#!/bin/sh
# opieinfo: Print a user's current OPIE sequence number and seed
#
# Portions of this software are Copyright 1995 by Randall Atkinson and Dan
# McDonald, All Rights Reserved. All Rights under this copyright are assigned
# to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
# License Agreement applies to this software.
#
#	History:
#
#       Header fixed for OPIE 2.01.
#	Modified at NRL for OPIE 2.0.
#	Written at Bellcore for the S/Key Version 1 software distribution
#		(reminder.sh)
#
# This script will look thru the opiekeys file for
# people with sequence numbers less then LOWLIMIT
# and send them e-mail remindes to use keyinit soon
LOWLIMIT=15
if [ "$1" != "" ]
then
	LOWLIMIT=$1
fi
# a copy of notices will go to ADMIN
ADMIN=root
SUBJECT='Reminder: Run opiepasswd'
HOST=`/usr/bin/hostname | cut -f1 -d.`
# an opiekeys entry looks like
#   jsw 0076 la13079          ba20a75528de9d3a
# the sequence number is the second entry
#
for i in `/usr/bin/awk '{print $1}' /etc/opiekeys`
do
SEQ=`/usr/bin/grep "^$i[ 	]" /etc/opiekeys|/usr/bin/awk '{print $2}'`
if [ $SEQ -lt $LOWLIMIT ]
then
  KEY=`/usr/bin/grep "^$i[ 	]" /etc/opiekeys|/usr/bin/awk '{print $3}'`
  if [ $SEQ -lt  5 ]
  then
  	SUBJECT="IMPORTANT: Action REQUIRED!"
  fi
  /usr/ucb/Mail -s "$SUBJECT" $i $ADMIN << 'EOF'
An automated reminder from the OPIE system:

You are nearing the end of your current OPIE sequence for the account $i 
on $HOST. 

Your OPIE sequence number is now $SEQ. Each time you log into $HOST,
the sequence number is lowered by one. When it reaches zero, you will no longer
be able to use OPIE to log into the system. This very well could mean that you
will be cut off until you talk to a system administrator.

If you have access to an OPIE key generator, you should immediately go to a
shell prompt on $HOST and use the command "opiepasswd -s" to reset your
sequence number. Be sure to use a different key from your current one, which
is $KEY, and you should also change your secret password.

If you do not have access to an OPIE key generator and you are able to log into
$HOST directly on the console or through a secure terminal or network (if
you aren't sure, then it's not secure) you may use the command "opiepasswd" to
generate a new key for you.

Thanks,
Your System Administrators
EOF
fi
done
